Document toolboxDocument toolbox

Activeboard: AWS Security Lake

Purpose

This Activeboard helps you monitor the activity of Amazon Security Lake.

Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers, on premises, and cloud sources into a purpose-built data lake stored in your account. With Security Lake, you can get a more complete understanding of your security data across your entire organization.

You can also improve the protection of your workloads, applications, and data. Security Lake has adopted the Open Cybersecurity Schema Framework (OCSF), an open standard. With OCSF support, the service normalizes and combines security data from AWS and a broad range of enterprise security data sources.

Security Lake Events: Simple value widget

AWS Account: Text input

AWS Region: Select input

API Operations - src Endpoint Domain: Dependency wheel widget

Product and Features: Voronoi widget

API Operations: Table widget

Activity Overview: Table widget

 

 

Prerequisites

To use this Activeboard, you must have the following data sources available in your domain:

Open Activeboard

Once you have installed the Activeboard, you can use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

20_Open Activeboard.png

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.